What constitutes an act of war in the cyber domain?
It’s a question that officials have wrestled with for some time without being able to provide a clear-cut answer.
But in newly-published responses to questions from the Senate Armed Services Committee, the Pentagon ventured last year that “The determination of what constitutes an ‘act of war’ in or out of cyberspace, would be made on a case-by-case and fact-specific basis by the President.”
“Specifically,” wrote then-Undersecretary of Defense (Intelligence) Marcel Lettre, “cyber attacks that proximately result in a significant loss of life, injury, destruction of critical infrastructure, or serious economic impact should be closely assessed as to whether or not they would be considered an unlawful attack or an ‘act of war.'”
Notably absent from this description is election-tampering or information operations designed to disrupt the electoral process or manipulate public discourse.
Accordingly, Mr. Lettre declared last year that “As of this point, we have not assessed that any particular cyber activity [against] us has constituted an act of war.”
See Cybersecurity, Encryption and United States National Security Matters, Senate Armed Services Committee, September 13, 2016 (published September 2017), at p. 85.
See related comments from Joint Chiefs Chairman Gen. Joseph Dunford in U.S. National Security Challenges and Ongoing Military Operations, Senate Armed Services Committee, September 22, 2016 (published September 2017), at pp. 56-57.
In January 2017, outgoing Obama DHS Secretary Jeh Johnson for the first time designated the U.S. election system as critical infrastructure. “Given the vital role elections play in this country, it is clear that certain systems and assets of election infrastructure meet the definition of critical infrastructure, in fact and in law,” he wrote. It follows that an attack on the electoral process could now be considered an attack on critical infrastructure and, potentially, an act of war.
“Russia engaged in acts of war against America, not with bullets and bombs, but through a modern form of warfare, a cyberattack on our democracy,” opined Allan Lichtman, a history professor at American University, in a letter published in the latest issue of the New York Review of Books.
Not so fast, replied Noah Feldman and Jacob Weisberg: “The US is not now in a legal state of war with Russia despite that country’s attempts to affect the 2016 election.”
The current issue of the US Army’s Military Intelligence Professional Bulletin (Oct-Dec 2017) includes an article on Recommendations for Intelligence Staffs Concerning Russian New Generation Warfare by MAJ Charles K. Bartles (at pp. 10-17).
BRIDG is not-for-profit public-private partnership located in Osceola County, Florida providing semiconductor R&D and production capabilities to industry and government. Here’s how their region innovates.
The United States should take the diplomatic lead in developing multilateral protocols to resolve conflicts and facilitate the peaceful development of a space mining sector.
Inconsistent data collection makes disaster resilience more challenging than it needs to be. By opening up and making this data consistent, the Biden-Harris Administration can change the way we prepare and mitigate disaster for the better.
The Federation of American Scientists is excited to welcome three new additions to organizational leadership.